Phishing E-mails Hit UW Web-mail Accounts
Students at the University of Wisconsin are being alerted by the University's IT section that cyber fraudsters are currently circulating a pair of phishing e-mails against their WiscMail Web accounts.
Reportedly, one e-mail from the pair directs recipients to provide up-to-date user ID and password of their Net accounts by following a given Web-link. However, on doing that, users are actually redirected to a phony NetID login site, which appears extremely genuine, although fully copied.
Further, when users enter their user ID and password on this fake NetID login site, it helps the con artists to view those details, which they then use to access their victims' accounts.
Significantly, approximately 460 phishing e-mails that WiscMail received in this particular e-mail attack have been recognized. The number of students who reverted with personal NetID and password is about 16.
Brian Rust, Spokesperson for the Department of Internet Technology stated that it was very hard for a common man to understand the illegitimate nature of the website, as per the statement published by badgerherald.com on March 11, 2010.
In the meantime, the other phishing e-mail hitting WiscMail accounts delivers a Trojan virus, asking recipients to provide their latest login information for social-networking websites, or access personal online banking details.
Owing to both these scams involving phishing e-mails, the university's IT Department has advised a few precautionary measures for student's' benefit.
Students must avoid clicking on any Web-link embedded in these kinds of e-mails. Instead, they shall type the URL address directly into the Web-browser. Moreover, students must check if the URL contains "https", paying attention to the "s," as that's the sign for a legitimate website.
In addition, University of Wisconsin has requested to the websites supporting the phishing attacks to eliminate the bogus Web pages. Meanwhile, the University's security experts have deactivated the Internet Protocol addresses that appeared within the phishing messages.
The IT department also asks students to report to their local IT support professional in case they have any concerns or queries regarding an e-mail which they get and feel suspicious of. Alternatively, they can also contact the helpdesk numbers of the University.
Related article: Phishing With A Redirector Code
» SPAMfighter News - 18-03-2010